Kerberos Setup

Repo: http://mirror.centos.org/centos/7/os/x86_64/

  1. Install Kerberos Packages:

#yum install krb5-server pam_krb5 krb5-workstation

2. Open /etc/krb5.conf – uncomment “realms”, “domain_realms” sections and edit with your own server and domains.

3. Open /var/Kerberos/krb5kdc/kadm5.acl – update domain.

4. Create Kerberos database

#kdb5_util create -r -s “domain”

#systemctl krb5kdc kadmin

#firewall-cmd –add-service=Kerberos –permanent

#firewall-cmd –add-port=749/tcp –permanent

#firewall-cmd –reload

#authconfig –enablekrb5 –update

5. Create Admin principal.

#kadmin.local

#addprinc root/admin

6. Create Test user and add to Kerberos

#useradd test

#kadmin.local

#addprinc test

7. Add KDC hostname to the Kerberos database.

#addprinc -randkey host/server.example.com

8. Create /etc/krb5.keytab

#ktadd host/server.example.com

Login into client machine and do the following:

  1. Install Kerberos packages

#yum install krb5-workstation pam_krb5

2. Update /etc/krb5.conf

3. Create test user

#useradd test

4. Add this host to kerberos

#kadmin

#addprinc -randkey host/client.example.com

#ktadd host/client.example.com

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s